Open Stack

Possibly, though I don't see code that checks the actual CIDR length.  It
seems to check CIDR correctness via IP correctness.  ie, things like the
ending IP not being smaller than the starting IP, etc.

One change to my original message on what the fix is, we'd have to compare
subnet_first_ip and subnet_last_ip... not start_ip and end_ip as those are
from the pool passed in, not the actual first and last IPs in the subnet.

In the launchpad bug report, it was mentioned you can create a subnet
without a gateway.   I would still contend this is invalid because then you
have a VM on a single-IP subnet without a gateway, which is also a dead
end.

Thoughts?



Edgar Magana <emagana at plumgrid.com> wrote on 01/21/2014 03:04:47 PM:

> From: Edgar Magana <emagana at plumgrid.com>
> To: OpenStack List <openstack-dev at lists.openstack.org>,
> Date: 01/21/2014 03:10 PM
> Subject: Re: [openstack-dev] [neutron] Neutron should disallow /32 CIDR
>
> Wouldn't be easier just to check if:
>
> cidr is 32?
>
>  I believe it is a good idea to not allow /32 network but this is
> just my opinion
>
> Edgar
>
> From: Paul Ward <wpward at us.ibm.com>
> Reply-To: OpenStack List <openstack-dev at lists.openstack.org>
> Date: Tuesday, January 21, 2014 12:35 PM
> To: OpenStack List <openstack-dev at lists.openstack.org>
> Subject: [openstack-dev] [neutron] Neutron should disallow /32 CIDR
>
> Currently, NeutronDbPluginV2._validate_allocation_pools() does some
> very basic checking to be sure the specified subnet is valid.  One
> thing that's missing is checking for a CIDR of /32.  A subnet with
> one IP address in it is unusable as the sole IP address will be
> allocated to the gateway, and thus no IPs are left over to be
> allocated to VMs.
>
> The fix for this is simple.  In
> NeutronDbPluginV2._validate_allocation_pools(), we'd check for
> start_ip == end_ip and raise an exception if that's true.
>
> I've opened lauchpad bug report 1271311 (https://bugs.launchpad.net/
> neutron/+bug/1271311) for this, but wanted to start a discussion
> here to see if others find this enhancement to be a valuable addition.
> _______________________________________________ OpenStack-dev mailing
list
> OpenStack-dev at lists.openstack.org http://lists.openstack.org/cgi-
> bin/mailman/listinfo/openstack-dev
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140121/6c653d20/attachment.html>